Probe for unannounced web servers in a domain?

Probe for unannounced web servers in a domain?

Post by Prentiss Ridd » Tue, 20 Feb 1996 04:00:00



I am looking for tools and/or methods for discovering unannounced web
servers in my domain, a typical heterogeneous unfirewalled university
site.

My motivation is partly security (to turn over as many rocks as I can
and see what wriggles out) and partly to automatically publicize
legitimate servers that students or departments may have set up on
their own machines.

This question really has two pieces:

   (1) The obvious brute-force method to look for unnanounced but
   legitimate servers would be to take a recent local host table and
   attempt to connect to port 80 of every host with an HTTP "GET /"
   request.  Ideally such a program should pace itself slowly, work
   during off-hours, etc. in order to minimize its impact on the campus
   network.  Does anyone know of an existing tool which does this or do
   I need to write it?

   (2) I'm also looking for less obvious methods, especially those
   which may be able to detect servers on ports other than 80.  Does
   anyone know of existing tools or promising methods?  They could
   either operate by watching the network (sniffing for packets which
   look like HTTP transactions, I suppose?) or, in a more limited
   fashion, on a Unix server itself.

I've glanced through several lists of network security software
packages (e.g., "http://www.alw.nih.gov/Security/prog-network.html")
and seen some tools which look like they *might* be adaptable to this
purpose, but I'm hoping that there are tools which fit this need to
begin with.

Please reply by *MAIL* and I will summarize.  Thank you.


-- RiceInfo Administrator, Rice University / http://is.rice.edu/~riddle

 
 
 

Probe for unannounced web servers in a domain?

Post by Michael Wa » Fri, 23 Feb 1996 04:00:00




>I am looking for tools and/or methods for discovering unannounced web
>servers in my domain, a typical heterogeneous unfirewalled university
>site.

One simple suggestion: let Alta Vista do the work! If the site has
links to it from external (non-Rice) sites, there's a good chance Alta
Vista will find it.

--
Michael Wang


 
 
 

Probe for unannounced web servers in a domain?

Post by Steve Heane » Sat, 24 Feb 1996 04:00:00


I also had in mind to to much the same thing for a site a while back
but never got round to it.  I picked up a reference to a tool called Strobe

which, if I remember rightly, polled around a network on selected or all
ports looking for
responses.

I'm afraid I don't have a reference but I'm sure it can't be too
hard to track down.

Regards,

Steve.

---------------------------------------------------
This message was created and sent using the *dog Mail System
---------------------------------------------------

 
 
 

Probe for unannounced web servers in a domain?

Post by Bartley R. Troya » Mon, 26 Feb 1996 04:00:00


Excerpts from netnews.comp.infosystems.www.servers.unix: 22-Feb-96 Re:



> >I am looking for tools and/or methods for discovering unannounced web
> >servers in my domain, a typical heterogeneous unfirewalled university
> >site.

> One simple suggestion: let Alta Vista do the work! If the site has
> links to it from external (non-Rice) sites, there's a good chance Alta
> Vista will find it.

> --
> Michael Wang


Alta Vista will only explore and index the site if the /robots.txt file
does not prohibit it...someone with an unannounced web site may *not
want* it to be found by spiders, although that seems unlikely...

Bart

---

http://barroom.res.cmu.edu/            NeXTmail/MIME welcome
...the maestro says it's Mozart, but it sounds like bubblegum--- _NBK_